Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] connection reset errors, keepalive registry tweak.

2008-11-18 07:23:52
Subject: Re: [Networker] connection reset errors, keepalive registry tweak.
From: Matthew Huff <mhuff AT OX DOT COM>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Tue, 18 Nov 2008 07:20:00 -0500 
What the TCP keepaive timer does is to make sure that on every tcp connection a 
packet is sent every X interval. If the firewall will shut down the connection 
at 60 minutes without a packet being sent, then setting it at 57 minutes will 
make sure that a packet is sent within that interval. Give that it's a small 
packet, I would set it at like 15 minutes and not worry about it. That will 
make sure that it keeps the socket open. I'd set it at both the client and 
server


On 11/18/08 6:11 AM, "Jóhannes Karl Karlsson" <johannes.karlsson AT SKYRR DOT 
IS> wrote:

Has anyone here been using the KeepAliveTime registry setting?



I'm getting misleading information about how to configure this setting as 
mentioned in this solution



https://solutions.emc.com/nsepn/webapps/stqv768481dmts46655278/emcsolutionview.asp?id=esg60759





Should the time configured be the time you want the idle TCP connections to 
stay alive or the interval  you want KeepAlive packets to be sent? I need to 
know wheter I should configure this to be 1 hour or 10 hours (which is the time 
it takes to complete the backup).



>From the "Configuring Network Firewalls for a NetWorker Server guide" (P/N 
>300-005-739) on powerlink they say:



"The following examples set value of the OS TCP Keep Alive to 57 minutes to be 
below default 60 minute timeout on most firewalls"

And then shows an example where KeepAliveTime is configured to 57 minutes so 
the firewall won't disconnect after 60 minutes.



But from the support person I talked to yesterday at EMC, I could not 
understand otherwise than I should set the total time I want the idle TCP 
connections to stay alive, which is 10 hours ( in milli secs) in our case. That 
did not solve our problems.



Is it necessary to configure the KeepAliveTime both on the backup client as 
well as the backup server?







From: Francis Swasey [mailto:Frank.Swasey AT uvm DOT edu]
Sent: 17. nóvember 2008 15:32
To: EMC NetWorker discussion; Jóhannes Karl Karlsson
Subject: Re: [Networker] connection reset errors, keepalive registry tweak.



Hi,
  The thing to remember about the way NetWorker sends data from the client to 
the server is that it is a form of FTP.  There is a control connection and a 
data connection.  It is likely the control connection that is timing out 
because there is absolutely no traffic on that connection while the saveset is 
being sent to the backup server on the data connection.

  I've had to apply keepalive changes to my solaris and linux servers (I 
haven't had to modify any clients) so their control connections do not die 
during those backups that take hours.

Frank

On 11/17/08 9:55 AM, Johannes Karl Karlsson wrote:

Hi.

We're dealing with a problem backing up big files over 100mb Cisco VPN
tunnel (encripted). We get "Connection reset by peer" when doing a manual
backup from the client after the backup has been running for 10hours. The
file is 100GB.

EMC is telling us to tweak the registry on the Backup server and the client
(both Server 2003 SP2, Legato 7.4.2), as per:

https://solutions.emc.com/nsepn/webapps/stqv768481dmts46655278/emcsolutionvi
ew.asp?id=esg60759

That is create this key for both the client and ther server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\keepal
ivetime

and specify for how many m seconds to keep idle session alive.

What I'm wonderig about is whether this could affect something else on the
client (Exchange 2007) in a negative way? Or is it a safe operation with
security in mind?

How are you troubleshooting timeout problems? Any utilities that are useful?

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS=NETWORKER






--
Frank Swasey                    | http://www.uvm.edu/~fcs
Sr Systems Administrator        | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
  "I am not young enough to know everything." - Oscar Wilde (1854-1900)

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS=NETWORKER

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] connection reset errors, keepalive registry tweak., Jóhannes Karl Karlsson
Next by Date:  Re: [Networker] connection reset errors, keepalive registry tweak., Francis Swasey
Previous by Thread:  Re: [Networker] connection reset errors, keepalive registry tweak., Jóhannes Karl Karlsson
Next by Thread:  Re: [Networker] connection reset errors, keepalive registry tweak., Francis Swasey
Indexes:  [Date] [Thread] [Top] [All Lists]